configuration questions for mobile IP

s-daly
Level 1

Hello All,

I'm doing some initial configuration testing for mobile IP. I've managed to get an initial configuration on my home agent and test client (let's just say it's a laptop w/ WinXP for now). For the moment, I've been successful with establishing a tunnel with my client when I'm inside our enterprise network, but it's failing when I connect my client to a public network and have to traverse our firewall.

When I enable debug ip mobile, this is the output I get:

00:10:26: MobileIP: ParseRegExt type NAI(131) addr 61C496C end 61C49A0

00:10:26: MobileIP: ParseRegExt skipping 20 to next

00:10:26: MobileIP: ParseRegExt type UDPTUNREQE(144) addr 61C4982 end 61C49A0

00:10:26: MobileIP: Parsing UDP Tunnel Request Extension - length 6

00:10:26: MobileIP: ParseRegExt skipping 6 to next

00:10:26: MobileIP: ParseRegExt type MHAE(32) addr 61C498A end 61C49A0

00:10:26: MobileIP: ParseRegExt skipping 20 to next

00:10:26: MobileIP: FA rcv registration for MN sean.daly@xxx.com on FastEthernet0/1 using COA 69.151.57.71 HA 205.142.239.229 lifetime 600 options sbDmg-T- identification C815F6702900236Eg a

00:10:26: MobileIP: Registration request in for MN sean.daly@xxx.com but no FA service (no care-of address), ignoredll

Please make note that I do not have the luxury of a Foreign Agent, just a Home Agent and Mobile node, which I understand is doable.

So far, this is my home agent config:

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname mokc2w9rtr11

!

boot-start-marker

boot system flash c3640-ik9s-mz.124-7a.bin

boot-end-marker

!

**snip**

interface Loopback0

ip address 172.31.5.1 255.255.255.255

!

interface FastEthernet0/0

shutdown

!

interface FastEthernet0/1

ip address 170.231.x.x.255.248.0

speed 100

full-duplex

!

router mobile

!

router eigrp 1

redistribute mobile

network 170.231.0.0

no auto-summary

!

ip local pool ha-pool 172.31.x.x.31.5.250

no ip http server

no ip http secure-server

!

!

ip mobile home-agent nat traversal keepalive 15 forced accept

ip mobile home-agent

ip mobile host nai sean.daly@xxx.com address pool local ha-pool virtual-network 172.31.5.0 255.255.255.0

ip mobile secure host nai sean.daly@xxx.com spi 100 key hex 00000000000000000000000000000000 algorithm hmac-md5

!

**snip**

... and here's my client config. . .

#CiscoSystems

Version = 11.0

profile

profile-header

id = main1

key-version = 2.3

ack-id = 0

disable-protection = false

device-mode = false

end-profile-header

mobile-ip

local-ip-address = 0.0.0.0

local-subnet = 255.255.255.0

local-default-gateway = 172.31.5.1

nai = sean.daly@xxx.com

dns-server-list

address = 170.x.18.129

end-dns-server-list

dns-suffix-list

domain = na.ad.utilicorp.com

end-dns-suffix-list

passthru = false

broadcast-on = false

broadcast-on-ppp = false

enable-dynamic-ha = false

initial-re-registration-time = 4

re-registration-minimal-time = 30

re-registration-threshold = 90

colocated-registration-time = 600

AAA-authenticate-always = false

wait-colocated-time = 2

force-reverse-tunneling = dont

solicitation-address = 224.0.0.2

registration-mode-classical

home-agent-external-address = 205.x.x.229

home-agent-internal-address = 172.31.5.1

end-registration-mode-classical

security-association

remote-end = HA

security-context

spi = 0x100

algorithm-identifier = HMAC-MD5

key = 00000000000000000000000000000000

replay-protection-method = timestamp

end-security-context

end-security-association

trusted-fa-list

0.0.0.0

end-trusted-fa-list

home-subnet

network

address = 170.231.0.0

mask = 255.255.0.0

end-network

end-home-subnet

end-mobile-ip

Thanks.

2 Replies

Not applicable

You need to verify whether the firewall allows you to access the outside network.

Yes it does, and I'm fairly sure that the appropriate access is given (UDP/434) through the firewall, given the home agent is at least seeing the RRQ. The debug message stated the FA wasn't available, so why doesn't it use the colocated COA that it gets from the mobile node? Is there a configuration option on the HA to force use of a colocated COA instead of a foreign agent?
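As an added example (not part of the original posts or any Cisco tool), the Python sketch below parses the `debug ip mobile` lines quoted in the question and reports which extensions the registration request carried, which role the router processed it in, and which request flags were set. It assumes an upper-case letter in the `options` field marks a set flag, in RFC 3344 bit order; the function and variable names are hypothetical.

```python
import re

# Registration-request flag bits in RFC 3344 wire order (positions 6 and 8 are reserved).
FLAGS = ["simultaneous-bindings", "broadcast", "colocated-coa", "minimal-encap",
         "gre-encap", "reserved", "reverse-tunnel", "reserved"]
# Extension type numbers seen in the debug output above and the RFCs that define them.
EXT_TYPES = {131: "Mobile Node NAI (RFC 2794)",
             144: "UDP Tunnel Request (RFC 3519)",
             32: "Mobile-Home Authentication (RFC 3344)"}

EXT_RE = re.compile(r"ParseRegExt type (\w+)\((\d+)\)")
RRQ_RE = re.compile(r"(FA|HA) rcv registration for MN (\S+) on (\S+) "
                    r"using COA (\S+) HA (\S+) lifetime (\d+) options (\S{8})")

# Sample input: lines copied from the debug output in the question.
SAMPLE = """\
00:10:26: MobileIP: ParseRegExt type NAI(131) addr 61C496C end 61C49A0
00:10:26: MobileIP: ParseRegExt type UDPTUNREQE(144) addr 61C4982 end 61C49A0
00:10:26: MobileIP: ParseRegExt type MHAE(32) addr 61C498A end 61C49A0
00:10:26: MobileIP: FA rcv registration for MN sean.daly@xxx.com on FastEthernet0/1 using COA 69.151.57.71 HA 205.142.239.229 lifetime 600 options sbDmg-T- identification C815F6702900236E
""".splitlines()

def parse_debug(lines):
    """Return the extensions seen and the decoded registration request, if any."""
    result = {"extensions": [], "rrq": None}
    for line in lines:
        ext = EXT_RE.search(line)
        if ext:
            num = int(ext.group(2))
            result["extensions"].append((num, EXT_TYPES.get(num, ext.group(1))))
            continue
        rrq = RRQ_RE.search(line)
        if rrq:
            role, mn, intf, coa, ha, life, opts = rrq.groups()
            # Assumption: upper-case letter = flag bit set, lower-case or '-' = clear.
            flags = [name for ch, name in zip(opts, FLAGS) if ch.isupper()]
            result["rrq"] = {"handled_as": role, "mn": mn, "interface": intf,
                             "coa": coa, "ha": ha, "lifetime": int(life),
                             "flags": flags, "colocated": "colocated-coa" in flags}
    return result

if __name__ == "__main__":
    parsed = parse_debug(SAMPLE)
    for num, name in parsed["extensions"]:
        print(f"extension {num}: {name}")
    print(parsed["rrq"])
```

On the quoted output this reports the request as processed in the FA role, with the D (co-located care-of address) and T (reverse tunnel) flags set and a UDP Tunnel Request extension present.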
